$FreeBSD:
src/release/doc/en_US.ISO8859-1/errata/article.sgml,v
- 1.1.2.48 2002/02/05 18:59:23 bmah Exp $
+ 1.1.2.50 2002/02/06 17:04:41 bmah Exp $
No active security advisories.
+A race condition existed whereby a file could be removed + between a + fstatfs(2) call and the + point where the file is accessed, causing a kernel panic. + Only the + procfs(5) filesystem was + known to be vulnerable to this attack. This bug was fixed + in FreeBSD 4.5-RELEASE, but the security advisory + describing the bug was issued after the release. For more + information, including a workaround and bug fix, see + security advisory FreeBSD-SA-02:09.
Certain SSH clients, when attempting to connect to a @@ -98,13 +114,47 @@ "http://www.FreeBSD.org/cgi/man.cgi?query=sshd&sektion=8&manpath=FreeBSD+4.5-stable"> sshd(8)
on the server has - not been configured for S/Key - authentication. As a workaround, uncomment the ChallengeResponseAuthentication no line in - /etc/ssh/sshd_config (on the - server host). This behavior has been observed with the OpenSSH 3.0.1 and 3.0.2 clients, as - well as with PuTTY. + not been later explicitly configured for S/Key authentication. This is due to the + default settings of clients having changed (e.g. use of SSH + protocol version 2 where it was not used before), or from a + change from the client's old default authentication + sequence. There are a number of ways to disable this + behavior: + +On newer OpenSSH clients, + add the following line to your ~/.ssh/config file:
++ PreferredAuthentications publickey,password,keyboard-interactive ++
For PuTTY clients, the + authentication sequence order cannot be changed, but + keyboard-interactive authentication can be disabled in + the settings.
+To disable keyboard-interactive authentication in + the server, uncomment the following line in the /etc/ssh/sshd_config file (on the + server host):
++ ChallengeResponseAuthentication no ++
The release notes mentioned the new sbni device driver, but gave an incorrect reference to the program in the